Created on 09-17-2013 02:49 AM - edited 09-16-2022 01:47 AM
I have a recently upgraded cloudera cluster: Cloudera Standard 4.7.0
I want to implement kerberos security. I don't have a KDC yet.
I found several manuals and it is confusing me.
Security with cloudera manager
what is the best guide for implementing security ?
Our cluster has only 3nodes. I deployed it with ansible, everything is healty
and there is no KDC running beside them.
After deploying the kerberos security on the cluster, i would want to deploy sentry.
Would setting up a KDC on centOS be suffcient?
Created 10-08-2013 11:36 AM
Hi bertbert98,
Did you restart the Cloudera Manager services after implementing Security (Kerberos)? After implementing Kerberos, you need to restart the CM services (Activity Monitor, Service Monitor, Host Monitor, etc.). These services are separate from the cluster services, and can be found at the bottom of the main 'Services' page in CM.
Thanks,
Brian Burton
Customer Operations Engineer
Created 09-17-2013 11:35 AM
@bertbert98,
I have moved this post to the Cloudera Manager board in case that helps you get more attention. I do believe it's fine to run a KDC on CentOS, though, that's how I run mine. The Cloudera Manager doc you referenced is the correct one.
Clint
Created 09-25-2013 04:05 AM
Thank you, it seems to work. But i am having an other problem.
Cloudera manager says he can not test if the namenode , the hbase master and the jobtracker are online.
But i can work perfectly with hue & hdfs.
I found that there was en error in cloudera manager and fixed in version 4.0.4 but i am running 4.7.2
Created 10-08-2013 11:36 AM
Hi bertbert98,
Did you restart the Cloudera Manager services after implementing Security (Kerberos)? After implementing Kerberos, you need to restart the CM services (Activity Monitor, Service Monitor, Host Monitor, etc.). These services are separate from the cluster services, and can be found at the bottom of the main 'Services' page in CM.
Thanks,
Brian Burton
Customer Operations Engineer